Researchers crack Nikon image authentication system
ElcomSoft researched Nikon’s Image Authentication System, a secure suite validating if an image has been altered since capture, and discovered a major vulnerability in the manner the secure image signing key is handled. This allowed the company to extract the…
PlayStation Network credit cards protected by encryption
All credit card information stored on Sony’s PlayStation Network was encrypted, the company said 1 day after warning users their user names, passwords, birth dates, and home addresses were stolen in a security breach. “The entire credit card table was…
SpyEye adds support for Chrome and Opera
If you don’t know, SpyEye is a crimeware toolkit that originated in Russia. According to reports from the cyber criminal underground, the latest version of the SpyEye trojan comes with form grabbing support for Google Chrome and Opera, two browsers…
PlayStation Network hack leaves credit card info at risk
Sony thinks an “unauthorized person” now has access to all PlayStation Network account data and passwords, and may have obtained the credit card numbers of the service’s 70 million users, Wired reported April 26. The PlayStation maker said it believes…
Sony unsure if PlayStation Network user data was stolen
Sony has yet to determine if customers’ personal information and credit card details have been stolen as part of an external intrusion into its system that has left its PlayStation network inaccessible for 5 days. “Our efforts to resolve this…
‘Blackhole’ attack tool spreads across the Internet
An online attack tool known as Blackhole has stormed onto the market in the first part of 2011 and is being used for large-scale attacks, according to experts. Security vendor AVG said in its latest quarterly security report that the…
One-fourth of SSL Websites at risk
More than a year after the Internet Engineering Task Force issued a security extension to the Secure Sockets Layer (SSL) protocol for a flaw that affects servers, browsers, smart cards, and VPN products, as well as many lower-profile devices such…
New PDF exploit hiding technique tricks antivirus engines
Researchers from AVAST warn of a new technique used by PDF exploits to evade antivirus detection. It relies on encoding the malicious code as an image object. AVAST first encountered this technique in a malicious PDF file a month ago…
Apple patches Pwn2Own
Comodo hack bugs. Apple April 14 patched bugs in iOS and Safari used at March’s Pwn2Own hacking contest by three teams of researchers. In an iOS update to version 4.3.2, Apple patched a bug exploited by two researchers, who hacked…
Skype for Android has a major security flaw
A major security flaw has been discovered in the Skype for Android app, which could put users’ private data in danger of being accessed by others. After discovering that a leaked beta version of the VoIP app was vulnerable to…